公开(公告)号：US12158970B2

公开(公告)日：2024-12-03

申请号：US18111821

申请日：2023-02-20

Applicant: Snowflake Inc.

Inventor： Benoit Dageville ,  Peter Povinec ,  Philipp Thomas Unterbrunner ,  Martin Hentschel

IPC: G06F21/62 ,  G06F21/60

Abstract: A method for directing queries to encrypted database files includes acquiring a mapping that links a first encrypted file with a different encrypted file. The first encrypted file is generated based on a first encryption key. The method includes generating, by one or more processors based on the mapping, an updated mapping to link a second encrypted file with the different encrypted file. The second encrypted file is generated based on a second encryption key. The method includes directing, using the mapping, a first query to the first encrypted file when the first query arrives before generating the updated mapping; and. The method includes directing, using the updated mapping, a second query to the second encrypted file when a second query arrives after generating the updated mapping.

公开(公告)号：US20240394395A1

公开(公告)日：2024-11-28

申请号：US18787930

申请日：2024-07-29

Applicant: Snowflake Inc.

Inventor： Damien Carru ,  Pui Kei Johnston Chu ,  Benoit Dageville ,  Shreyas Narendra Desai ,  Subramanian Muralidhar ,  Bowen Zhang

IPC: G06F21/62 ,  G06F16/21 ,  G06F16/25

Abstract: Embodiments of the present disclosure relate to sharing data using database roles. Database roles are generated within a database container of a provider account. Grants to a particular subset of the plurality of data objects of the database container may be assigned to each of the database roles, and each of the database roles are granted to a share object. The share object is mounted within a consumer account to generate an imported copy of each of the database roles. The imported copy of one or more of the database roles is granted to each of one or more account level roles of the consumer account. When a new object is added to a particular database role, it is immediately available for consumption by any account level roles to which the imported copy of the particular database role has been granted.

公开(公告)号：US12135715B1

公开(公告)日：2024-11-05

申请号：US18309490

申请日：2023-04-28

Applicant: Snowflake Inc.

Inventor： Xuelai Cui ,  Prashant Gaharwar ,  Vineet Garg ,  Boyung Lee ,  Kevin Ye Jie Li ,  Nicola Dan Onose ,  Andrew Xue ,  Jiaqi Yan

IPC: G06F16/30 ,  G06F11/34 ,  G06F16/2452 ,  G06F16/2453

Abstract: The subject technology receives a query, the query including a statement for performing the query. The subject technology performs a first lookup operation on a multi-phase cache based on the query. The subject technology performs, in response to a first cache miss of the multi-phase cache, parsing of the statement from the query. The subject technology performs, based on the parsing, a compilation process on the query to generate a compiled query plan, the compilation process determining an optimization and a generalization for the query. The subject technology determines that the compiled query plan is cacheable. The subject technology registers, in response to the compiled query plan being cacheable, a dummy entry in the multi-phase cache.

公开(公告)号：US20240362351A1

公开(公告)日：2024-10-31

申请号：US18306799

申请日：2023-04-25

Applicant: Snowflake Inc.

Inventor： Marion A. Brown ,  Keith M. Hoyle

IPC: G06F21/62 ,  G06F16/182 ,  H04L9/08 ,  H04L9/40

CPC classification number: G06F21/6218 ,  G06F16/184 ,  H04L9/0816 ,  H04L63/1416 ,  G06F2221/2107

Abstract: Provided herein are systems and methods for network intrusion event response and remediation. A file encryption key is generated based on a first private key of a user and a root key associated with a primary deployment of a database system. File data is encoded at a source account of the user using the file encryption key. The file data is replicated from the source account into a target account of the user to generate replicated file data. Notification of a detected network intrusion event is encoded for transmission to the user. A failover of the source account to the target account is performed based on the notification. The failover grants the user access to the replicated file data based at least on a second private key of the user.

公开(公告)号：US20240362340A1

公开(公告)日：2024-10-31

申请号：US18309628

申请日：2023-04-28

Applicant: Snowflake Inc.

Inventor： Ankur Agrawal ,  Iulia Ion ,  Shiva Dutt Paladugu ,  Cameron Tekiyeh ,  Sujay C. Yantrapragada

IPC: G06F21/57

CPC classification number: G06F21/577 ,  G06F2221/034

Abstract: A system for providing real-time automated security scoring for a data platform. The system collects application log data and threat intelligence data in a variety of formats and normalizes the application log data and threat intelligence data. A risk scoring engine uses the normalized application log data, the normalized threat intelligence data, and a risk mapping matrix to generate security score data. Security risk assessment data including the security score data is stored in a shared database so that consumers of the security scoring data can access the security risk assessment data in real-time.

公开(公告)号：US20240362196A1

公开(公告)日：2024-10-31

申请号：US18490586

申请日：2023-10-19

Applicant: Snowflake Inc.

Inventor： Sandeep Narendra Gupta ,  Qiming Jiang

IPC: G06F16/22 ,  G06F16/242 ,  G06F16/2455

CPC classification number: G06F16/2282 ,  G06F16/2448 ,  G06F16/24568

Abstract: Provided herein are systems and methods for real-time feature store configuration. The method includes decoding raw data received from a data source to obtain decoded raw data. The decoded raw data includes streaming data and batch data. An incremental computation of features associated with the decoded raw data is performed using at least one dynamic table object. The features are pushed to a feature store using at least one triggered task. Optionally, training of a machine learning model is performed using the features in the feature store.

公开(公告)号：US20240354437A1

公开(公告)日：2024-10-24

申请号：US18588839

申请日：2024-02-27

Applicant: SNOWFLAKE INC.

Inventor： Yimeng LI ,  Carl Yates PERRY ,  Raghavendran RAMAKRISHNAN ,  Frantisek ROLINEK ,  Yunqiao ZHANG

IPC: G06F21/62 ,  G06F16/28

CPC classification number: G06F21/6227 ,  G06F16/285 ,  G06F21/6254

Abstract: The present disclosure describes systems, methods, and computer program products for redacting sensitive data within a database. An example method can include sending, to a database, a data query accessing a column of the database, a masking policy identifying a first category of sensitive data and a second category of sensitive data, and in response to the data query, receiving redacted data, wherein the first category of sensitive data is redacted from a first location of the column by a first redaction operation and the second category of sensitive data is redacted from a second location of the column by a second redaction operation.

公开(公告)号：US12118038B2

公开(公告)日：2024-10-15

申请号：US18063253

申请日：2022-12-08

Applicant: Snowflake Inc.

Inventor： Elliott Brossard ,  Sukruth Komarla Sukumar ,  Isaac Kunen ,  Ju-Yi Kuo ,  Jonathan Lee Leang ,  Edward Ma ,  Schuyler James Manchester ,  Polita Paulus ,  Saurin Shah ,  Igor Zinkovsky

IPC: G06F16/00 ,  G06F16/22 ,  G06F16/2455 ,  G06F16/901 ,  G06F16/908 ,  G06F16/955

CPC classification number: G06F16/9017 ,  G06F16/2282 ,  G06F16/24568 ,  G06F16/908 ,  G06F16/955

Abstract: A method includes decoding, by at least one hardware processor, a request for a user-defined function (UDF). The request includes a reference to one or more files. The method further includes generating, by the at least one hardware processor, the UDF based on the request. The UDF includes a file reference object with file path information corresponding to the reference. The file path information identifies a file path to the one or more files. A UDF call into the UDF is detected. The UDF call specifies the file path information. The UDF call is processed to generate result data using the one or more files.

公开(公告)号：US20240338577A1

公开(公告)日：2024-10-10

申请号：US18416379

申请日：2024-01-18

Applicant: Snowflake Inc.

Inventor： Michal Gdak ,  Ganeshan Ramachandran Iyer ,  Tomasz Malisz ,  Mikolaj Niedbala ,  Pawel Pollak ,  Saurin Shah ,  Jan Tomasz Topinski ,  Daria Wieteska

IPC: G06N5/022

CPC classification number: G06N5/022

Abstract: Systems and methods for generating a machine-learning (ML) model for extracting information from one or more electronic documents, where the ML model can be used as a data object, which can be part of a database command or as part of a document information extraction process that is continuously running (e.g., document information extraction pipeline).

公开(公告)号：US20240330437A1

公开(公告)日：2024-10-03

申请号：US18737362

申请日：2024-06-07

Applicant: Snowflake Inc.

Inventor： Thierry Cruanes ,  Ganeshan Ramachandran Iyer ,  Isaac Kunen

IPC: G06F21/54 ,  G06F16/2455 ,  G06F21/53 ,  G06F21/60

CPC classification number: G06F21/54 ,  G06F16/2455 ,  G06F21/53 ,  G06F21/602 ,  G06F2221/033

Abstract: The logging techniques described herein can enable using logging tools without having to use different methods for sandbox implementations and push out the log data to storage without problems. The log data is treated as sensitive data and is protected according to the defined security policies. Further, the results may be compressed and encrypted.